Building a Secure and Maintainable PaaS
Speaker: Bradley Whitfield
Resources
Learn more about Cilium and eBPF from the technology experts.
Books
Security Observability with eBPF
The new eBPF Security Observability paradigm enables Security and DevOps teams, SREs, Cloud Engineers, and Solution Architects to gain real-time visibility into Kubernetes security. This O’Reilly report, authored by Natália Réka Ivánkó and Jed Salazar discusses how eBPF provides historical and current metrics to help track improvements and degradations over time.
Learn more
What is eBPF?
O’Reilly Report by Liz Rice now available.
eBPF is a framework that allows users to load and run custom programs within the kernel of the operating system. That means it can extend or even modify the way the kernel behaves. In this report, you will learn about the ability to dynamically change the behavior of the kernel can be tremendously useful.
Learn more
Learning eBPF
Early release of the in-depth O’Reilly book on eBPF
Following the O’Reilly Report written by Liz Rice and published by O’Reilly, Isovalent brings you the in-depth O’Reilly book that enables learning eBPF. This book not only helps with a primer on the importance of eBPF but also helps you run your first eBPF program with a “Hello World” application.
Learn moreCase Studies and Solution Highlights
Building a scalable Kubernetes platform
Isovalent helped PostFinance to build a scalable Kubernetes platform to run mission-critical banking software in production. By migrating to Cilium as the default CNI for kubernetes, they were able to solve their challenges regarding scale, observability and latency. The network was made visible, improving troubleshooting, enabling forensic analysis and transparently encrypt network traffic.
Read the case studyBuilding a secure and maintainable PaaS
Capital One needed to scale their PaaS to multiple teams - but required secure network isolation, visibility and minimal performance overhead. Isovalent Cilium Enterprise met all requirements and scaled past the iptables limits. Hubble’s additional observability capabilities helped their teams to do more from the start.
Read the Solution HighlightWhite Papers
How eBPF will solve Service Mesh
Service mesh is a concept describing the requirements of modern cloud native applications with regards to communication, visibility, and security. Current implementations of this concept involve running sidecar proxies in each workload or pod. This is a pretty inefficient way of solving these requirements. In this white paper we will look at an alternative to the sidecar model that provides a transparent service mesh with high efficiency at low complexity, with the help of eBPF.
Read the white paper
Accelerating the Journey to Cloud Native Microservices
Enterprises adopting cloud native technologies quickly realize that legacy approaches are useless in efficiently rolling our business applications. Cilium enables Kubernetes architects to solve challenges as addressing security & compliance requirements, providing advanced connectivity and ensuring identity-aware observability for platform and application teams.
Read the white paperUser Stories
eBPF at Adobe
Speaker: Brandon Cook
Our eBPF Journey at Datadog
Speaker: Tabitha Sable, Laurent Bernaille
Global Gaming Infrastructure with Cilium
Speaker: Luan Guimaraes
Technical Deep Dive
The Future of eBPF-based Networking and Security
Speaker: Thomas Graf
How Cilium uses BPF to Supercharge Kubernetes Networking & Security
Speaker: Mark Darnell, Roger Klorese, Dan Wendlandt
Kubernetes Network Policy Logging with eBPF
Speaker: Zang Li
Liberating Kubernetes From Kube-proxy and iptables
Speaker: Martynas Pumputis
Hubble - eBPF-based Observability for Kubernetes
Speaker: Sebastian Wicki
How to Make Linux Microservice-Aware with Cilium and eBPF
Speaker: Thomas Graf